diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 205806e..372a256 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -61,28 +61,28 @@ jobs: name: prerequisites steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/schema-tools - name: Build codegen binaries @@ -101,7 +101,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - if: github.event_name == 'pull_request' name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0 with: message: | ${{ env.SCHEMA_CHANGES }} @@ -110,7 +110,7 @@ jobs: - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && github.actor == 'pulumi-bot' name: Add label if no breaking changes - uses: actions-ecosystem/action-add-labels@v1.1.0 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: labels: impact/no-changelog-required number: ${{ github.event.issue.number }} @@ -118,7 +118,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -132,19 +132,19 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz - name: Test Provider Library run: make test_provider - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in building provider prerequisites fields: repo,commit,author,action @@ -164,50 +164,50 @@ jobs: name: build_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -222,7 +222,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -234,14 +234,14 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz retention-days: 30 - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure while building SDKs fields: repo,commit,author,action @@ -265,50 +265,50 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -319,7 +319,7 @@ jobs: run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; - name: Download SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -338,7 +338,7 @@ jobs: - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: ${{ env.AWS_REGION }} @@ -347,7 +347,7 @@ jobs: role-session-name: ${{ env.PROVIDER }}@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7 with: workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ @@ -355,7 +355,7 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2 with: install_components: gke-gcloud-auth-plugin - name: Install gotestfmt @@ -370,7 +370,7 @@ jobs: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in SDK tests fields: repo,commit,author,action @@ -381,21 +381,21 @@ jobs: name: publish steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Clear GitHub Actions Ubuntu runner disk space - uses: jlumbroso/free-disk-space@v1.3.1 + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: tool-cache: false dotnet: false @@ -404,13 +404,13 @@ jobs: swap-storage: true large-packages: false - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -420,7 +420,7 @@ jobs: role-external-id: upload-pulumi-release role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0 env: GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }} with: @@ -428,7 +428,7 @@ jobs: version: latest - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing binaries fields: repo,commit,author,action @@ -439,46 +439,46 @@ jobs: name: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Checkout Scripts Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: path: ci-scripts repository: pulumi/scripts - run: echo "ci-scripts" >> .git/info/exclude - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Download python SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: python-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -486,7 +486,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python - name: Download dotnet SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: dotnet-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -494,7 +494,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet - name: Download nodejs SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: nodejs-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -510,7 +510,7 @@ jobs: PYPI_PUBLISH_ARTIFACTS: all - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing SDK fields: repo,commit,author,action @@ -519,17 +519,17 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true ref: ${{ env.PR_COMMIT_SHA }} - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: golangci-lint provider pkg - uses: golangci/golangci-lint-action@v4 + uses: golangci/golangci-lint-action@d6238b002a20823d52840fda27e2d4891c5952dc # v4.0.1 with: version: ${{ env.GOLANGCI_LINT_VERSION }} args: -c ../.golangci.yml diff --git a/.github/workflows/command-dispatch.yml b/.github/workflows/command-dispatch.yml index 03037c7..e6a95dc 100644 --- a/.github/workflows/command-dispatch.yml +++ b/.github/workflows/command-dispatch.yml @@ -53,10 +53,10 @@ jobs: name: command-dispatch-for-testing steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - - uses: peter-evans/slash-command-dispatch@v2 + - uses: peter-evans/slash-command-dispatch@13bc09769d122a64f75aa5037256f6f2d78be8c4 # v4.0.0 with: token: ${{ secrets.PULUMI_BOT_TOKEN }} reaction-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index d635d8b..fc5bd08 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -53,28 +53,28 @@ jobs: name: prerequisites steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/schema-tools - name: Build codegen binaries @@ -93,7 +93,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - if: github.event_name == 'pull_request' name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0 with: message: | ${{ env.SCHEMA_CHANGES }} @@ -102,7 +102,7 @@ jobs: - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && github.actor == 'pulumi-bot' name: Add label if no breaking changes - uses: actions-ecosystem/action-add-labels@v1.1.0 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: labels: impact/no-changelog-required number: ${{ github.event.issue.number }} @@ -110,7 +110,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -124,19 +124,19 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz - name: Test Provider Library run: make test_provider - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in building provider prerequisites fields: repo,commit,author,action @@ -156,50 +156,50 @@ jobs: name: build_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -214,7 +214,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -226,13 +226,13 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure while building SDKs fields: repo,commit,author,action @@ -256,50 +256,50 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -310,7 +310,7 @@ jobs: run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; - name: Download SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -329,7 +329,7 @@ jobs: - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: ${{ env.AWS_REGION }} @@ -338,7 +338,7 @@ jobs: role-session-name: ${{ env.PROVIDER }}@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7 with: workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ @@ -346,7 +346,7 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2 with: install_components: gke-gcloud-auth-plugin - name: Install gotestfmt @@ -361,7 +361,7 @@ jobs: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in SDK tests fields: repo,commit,author,action @@ -372,21 +372,21 @@ jobs: name: publish steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Clear GitHub Actions Ubuntu runner disk space - uses: jlumbroso/free-disk-space@v1.3.1 + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: tool-cache: false dotnet: false @@ -395,13 +395,13 @@ jobs: swap-storage: true large-packages: false - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -411,7 +411,7 @@ jobs: role-external-id: upload-pulumi-release role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0 env: GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }} with: @@ -419,7 +419,7 @@ jobs: version: latest - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing binaries fields: repo,commit,author,action @@ -430,46 +430,46 @@ jobs: name: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Checkout Scripts Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: path: ci-scripts repository: pulumi/scripts - run: echo "ci-scripts" >> .git/info/exclude - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Download python SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: python-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -477,7 +477,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python - name: Download dotnet SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: dotnet-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -485,7 +485,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet - name: Download nodejs SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: nodejs-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -501,7 +501,7 @@ jobs: PYPI_PUBLISH_ARTIFACTS: all - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing SDK fields: repo,commit,author,action @@ -513,37 +513,37 @@ jobs: name: publish_java_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download java SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: java-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -551,7 +551,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C ${{github.workspace}}/sdk/java - name: Publish Java SDK - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 env: PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }} with: @@ -564,16 +564,16 @@ jobs: needs: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Download go SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: go-sdk.tar.gz path: ${{ github.workspace}}/sdk/ diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 5595834..461db1f 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -50,11 +50,11 @@ jobs: name: comment-on-pr steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - name: Comment PR - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0 with: message: > PR is now waiting for a maintainer to run the acceptance tests. diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 353360e..ba20504 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -53,28 +53,28 @@ jobs: name: prerequisites steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/schema-tools - name: Build codegen binaries @@ -93,7 +93,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - if: github.event_name == 'pull_request' name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0 with: message: | ${{ env.SCHEMA_CHANGES }} @@ -102,7 +102,7 @@ jobs: - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && github.actor == 'pulumi-bot' name: Add label if no breaking changes - uses: actions-ecosystem/action-add-labels@v1.1.0 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: labels: impact/no-changelog-required number: ${{ github.event.issue.number }} @@ -110,7 +110,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -124,19 +124,19 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz - name: Test Provider Library run: make test_provider - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in building provider prerequisites fields: repo,commit,author,action @@ -156,50 +156,50 @@ jobs: name: build_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -214,7 +214,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -226,13 +226,13 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure while building SDKs fields: repo,commit,author,action @@ -256,50 +256,50 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -310,7 +310,7 @@ jobs: run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; - name: Download SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -329,7 +329,7 @@ jobs: - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: ${{ env.AWS_REGION }} @@ -338,7 +338,7 @@ jobs: role-session-name: ${{ env.PROVIDER }}@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7 with: workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ @@ -346,7 +346,7 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2 with: install_components: gke-gcloud-auth-plugin - name: Install gotestfmt @@ -361,7 +361,7 @@ jobs: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in SDK tests fields: repo,commit,author,action @@ -372,21 +372,21 @@ jobs: name: publish steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Clear GitHub Actions Ubuntu runner disk space - uses: jlumbroso/free-disk-space@v1.3.1 + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: tool-cache: false dotnet: false @@ -395,13 +395,13 @@ jobs: swap-storage: true large-packages: false - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -411,7 +411,7 @@ jobs: role-external-id: upload-pulumi-release role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0 env: GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }} with: @@ -419,7 +419,7 @@ jobs: version: latest - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing binaries fields: repo,commit,author,action @@ -430,46 +430,46 @@ jobs: name: publish_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Checkout Scripts Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: path: ci-scripts repository: pulumi/scripts - run: echo "ci-scripts" >> .git/info/exclude - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Download python SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: python-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -477,7 +477,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python - name: Download dotnet SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: dotnet-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -485,7 +485,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet - name: Download nodejs SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: nodejs-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -501,7 +501,7 @@ jobs: PYPI_PUBLISH_ARTIFACTS: all - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing SDK fields: repo,commit,author,action @@ -513,37 +513,37 @@ jobs: name: publish_java_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download java SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: java-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -551,7 +551,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C ${{github.workspace}}/sdk/java - name: Publish Java SDK - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 env: PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }} with: @@ -564,16 +564,16 @@ jobs: needs: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Download go SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: go-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -595,7 +595,7 @@ jobs: needs: publish_go_sdk steps: - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Dispatch Event diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index ac70c4c..48d8083 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -62,7 +62,7 @@ jobs: run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID >> "$GITHUB_OUTPUT" - name: Update with Result - uses: peter-evans/create-or-update-comment@v1 + uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 with: token: ${{ secrets.PULUMI_BOT_TOKEN }} repository: ${{ github.event.client_payload.github.payload.repository.full_name }} @@ -74,29 +74,29 @@ jobs: name: prerequisites steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true ref: ${{ env.PR_COMMIT_SHA }} - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/schema-tools - name: Build codegen binaries @@ -115,7 +115,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - if: github.event_name == 'pull_request' name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0 with: message: | ${{ env.SCHEMA_CHANGES }} @@ -124,7 +124,7 @@ jobs: - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && github.actor == 'pulumi-bot' name: Add label if no breaking changes - uses: actions-ecosystem/action-add-labels@v1.1.0 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: labels: impact/no-changelog-required number: ${{ github.event.issue.number }} @@ -132,7 +132,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -146,19 +146,19 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz - name: Test Provider Library run: make test_provider - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in building provider prerequisites fields: repo,commit,author,action @@ -180,51 +180,51 @@ jobs: name: build_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true ref: ${{ env.PR_COMMIT_SHA }} - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -239,7 +239,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -251,14 +251,14 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz retention-days: 30 - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure while building SDKs fields: repo,commit,author,action @@ -284,51 +284,51 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true ref: ${{ env.PR_COMMIT_SHA }} - id: version name: Set Provider Version - uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -339,7 +339,7 @@ jobs: run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; - name: Download SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -358,7 +358,7 @@ jobs: - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: ${{ env.AWS_REGION }} @@ -367,7 +367,7 @@ jobs: role-session-name: ${{ env.PROVIDER }}@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7 with: workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ @@ -375,7 +375,7 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2 with: install_components: gke-gcloud-auth-plugin - name: Install gotestfmt @@ -390,7 +390,7 @@ jobs: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in SDK tests fields: repo,commit,author,action @@ -402,7 +402,7 @@ jobs: name: sentinel steps: - name: Mark workflow as successful - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 + uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 # v1.1.13 with: authToken: ${{ secrets.GITHUB_TOKEN }} context: Sentinel @@ -418,17 +418,17 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true ref: ${{ env.PR_COMMIT_SHA }} - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: golangci-lint provider pkg - uses: golangci/golangci-lint-action@v4 + uses: golangci/golangci-lint-action@d6238b002a20823d52840fda27e2d4891c5952dc # v4.0.1 with: version: ${{ env.GOLANGCI_LINT_VERSION }} args: -c ../.golangci.yml diff --git a/.github/workflows/weekly-pulumi-update.yml b/.github/workflows/weekly-pulumi-update.yml index 49594ef..0fb9281 100644 --- a/.github/workflows/weekly-pulumi-update.yml +++ b/.github/workflows/weekly-pulumi-update.yml @@ -51,31 +51,31 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@71d17cb091aa850acb2a1a4cf87258d183eb941b # v1.11.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Update Pulumi/Pulumi diff --git a/.goreleaser.prerelease.yml b/.goreleaser.prerelease.yml index ac201ac..4f379aa 100644 --- a/.goreleaser.prerelease.yml +++ b/.goreleaser.prerelease.yml @@ -16,6 +16,8 @@ builds: ignore: [] main: ./cmd/pulumi-resource-docker-build/ ldflags: + - -s + - -w - -X github.com/pulumi/pulumi-docker-build/provider/pkg/version.Version={{.Tag}} - -X github.com/pulumi/pulumi-docker-build/provider.Version={{.Tag}} diff --git a/.goreleaser.yml b/.goreleaser.yml index f7e9d64..3a17383 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -16,6 +16,8 @@ builds: ignore: [] main: ./cmd/pulumi-resource-docker-build/ ldflags: + - -s + - -w - -X github.com/pulumi/pulumi-docker-build/provider/pkg/version.Version={{.Tag}} - -X github.com/pulumi/pulumi-docker-build/provider.Version={{.Tag}}